Monday, December 24, 2007

Making a Social Network XSS Worm (hi5.com)

Well, the last couple of days I've been playing with hi5.

It's pretty cool, and I found a couple of XSS vulnerabilities.

I reported them to help@hi5.com, security@hi5.com, admin@hi5.com and all the e-mails I found on the domain hi5.com.

Well, they didn't respond.

So, there's an XSS worm for hi5 in the wild.

The worm is on the following profile (if you visit it through this domain you won't get infected; the problem arises if you visit it through the www.hi5.com domain):

http://xssworm.hi5.com/

I'll alert you that the profile may be deleted by hi5 staff at any time.

I'll give an explanation of how this worm works as soon as it's controlled by the hi5 team, since it doesn't use XHR, and some people asked me in the past if it is possible to do a worm without XHR.

To the hi5 team: there are a lot of vulnerabilities on your website. If you wish, I could help you with them; just respond to the freaking e-mails.

cya!

UPDATE

I've finally been contacted by the hi5 team; we are working on solving the XSS & CSRF vulnerabilities.